Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Ubuntu USN-721-1 (fglrx-installer)

Information

Severity

Severity

High

Family

Family

Ubuntu Local Security Checks

CVSSv2 Base

CVSSv2 Base

7.2

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

15 years ago

Modified

Modified

6 years ago

Summary

The remote host is missing an update to fglrx-installer announced via advisory USN-721-1.

Insight

Insight

Marko Lindqvist discovered that the fglrx installer created an unsafe LD_LIBRARY_PATH on 64bit systems. If a user were tricked into downloading specially crafted libraries and running commands in the same directory, a remote attacker could execute arbitrary code with user privileges.

Solution

Solution

The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: xorg-driver-fglrx 2:8.543-0ubuntu4.1 After a standard system upgrade you need to restart your session to effect the necessary changes. https://secure1.securityspace.com/smysecure/catid.html?in=USN-721-1